PRIVACY POLICY

1.USER INFORMATION

in accordance with the provisions of Regulation (EU) 2016/679 of 27 April 2016 (RGPD) and the Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights, you are informed of the identity of the Data Controller, the purpose of the processing, the legitimacy for the processing of your data, the categories of recipients of transfers of your data (if any), the origin of your data processed if this is different from your voluntary submission and the rights that you have as a data subject.

2. INFORMATION CONCERNING THE DATA CONTROLLER

Name of Data Controller: Nassau Beach Club Ibiza SL

VAT NUMBER: B07722846

Full address: C/ Migjorn Gran 13. 07818 Ses Salines – Sant Josep, Ibiza . E-mail: info@nassaubeachclub.com

3. INFORMATION CONCERNING THE PURPOSE AND LEGITIMACY OF THE TREATMENT

The operations foreseen to carry out the treatment are:

For legitimate interest of the Responsible:

Economic and accounting management, tax management, administrative management, billing management, customer and supplier management, management of collections, payments and related services, history of commercial relations.

By express, unequivocal and informed consent of the interested party:

Selection of candidates for employees and collaborators.

Sending of commercial advertising communications by email, fax, SMS, MMS, social communities or any other electronic or physical means, present or future, that enable commercial communications. These communications will be made by the RESPONSIBLE and related to its products and services, or those of its collaborators or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.

Receipt via web and subsequent processing of resumes of those interested in joining the workforce of the Responsible.

To carry out statistical studies.

Process orders, requests or any type of request made by the user through any of the forms of contact that are made available.

Sending the newsletter of the website.

Data retention criteria: The data will be retained for the duration of the business relationship between the parties. Once the commercial relationship has ended, the data will be blocked in order to prevent the possibility of access, being unblocked only in the event that such data were required to the Data Controller by any legal authority (tax, commercial, labor or judicial) and this only until the expiration date or legal prescription. Being subsequently destroyed conveniently and with appropriate safeguards to prevent their recovery.

4. INFORMATION REGARDING THE TRANSFER OR COMMUNICATION OF DATA

The personal data may be transferred for the maintenance of the commercial relationship and/or for the execution of operations, to the following execution of operations, to Fiscal, Accounting and Commercial Consultants, Banks, Savings Banks and Financial Institutions, Tax Authorities and other competent Public Bodies. The data will not be communicated to third parties, unless legally obliged to do so. No data will be transferred to third countries outside the European Economic Area or to International Organizations.

5. INFORMATION REGARDING THE RIGHTS OF THE INTERESTED PARTY AND HOW TO EXERCISE THEM

Rights of the User and how to exercise them:

The interested party has the right to: Access to their data, to have their data rectified, to have their data deleted, to the portability of their data, to the limitation of the processing of their data, to oppose the processing of their data, to withdraw the consent given, to file a complaint with the Supervisory Authority, to lodge a judicial appeal.

You can exercise these rights by sending a reasoned letter to the Data Controller or to his representative, specifying the right you wish to exercise, accompanied by a photocopy of your identification document. You may also request in advance to the Data Controller to be provided with a standard form for the right you wish to exercise.

The exercise of rights will not entail any management costs for the data subject, except for the postage costs if he/she chooses to exercise the right. You may exercise your rights:

Personally at the premises of the Data Controller by identifying yourself with your ID card or equivalent document.

By e-mail addressed to the address given in the section of the identification of the Data Controller and enclosing a photocopy of your ID card or equivalent document.

By postal mail (preferably certified) addressed to the address indicated in the section of the identification of the Data Controller.

Contact details to exercise your rights:

C/ Migjorn Gran 13. 07818 Ses Salines – Sant Josep, Ibiza . E-mail: info@nassaubeachclub.com

6. OBLIGATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER.

The Users, by checking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or submitted in download forms, expressly and freely and expressly and freely and unequivocally accept that their data are necessary for the provider to attend your request, being voluntary the inclusion of data in the remaining fields. The User guarantees that the personal data provided to the RESPONSIBLE are truthful and is responsible for communicating any changes to them.The RESPONSIBLE informs and expressly guarantees users that their personal data will not be transferred to third parties under any circumstances and that whenever any type of transfer of personal data is made, prior consent will be requested. All data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, there is no guarantee that the information and services provided will be completely adjusted to your needs.

7. SECURITY MEASURES

That in accordance with the provisions of the current regulations on personal data protection, the RESPONSIBLE is complying with all the provisions of the RGPD regulations for the processing of the personal data under its responsibility, and manifestly with the principles described in article 5 of the GDPR, whereby they are processed in a lawful, fair and transparent manner in relation to the data subject and adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The RESPONSIBLE guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of the Users and that it has communicated to them the appropriate information so that they can exercise them.